Tag Archives: Internet of Things

AVG

AVG Launches Secure Sign-On for Service Providers and Small Businesses

Leave a comment

AMSTERDAM and SAN FRANCISCO – March 3, 2015 – AVG Technologies N.V. (NYSE: AVG), the online security company for 197 million active users, today announced the immediate availability of AVG Business Secure Sign-On (SSO). Underpinned by technology from identity management leader, Centrify, AVG Business SSO works to provide AVG partners and business owners with a simple way to control company data on employees’ mobile devices and cloud applications.

“AVG Business SSO allows AVG partners to offer much needed help to those small business customers who are struggling with the issues of bring your own device (BYOD) and password management,” said Lee Frankham, director of Simpology, an AVG Business partner in the UK. “Now, we can roll out services that give our customers simple, secure management of their users’ mobile device data and applications in a matter of a few clicks.”

“Mass ownership of personal mobile devices, the adoption of popular consumer cloud services like Skype and Dropbox for business purposes and the impact of the Internet of Things have been the catalysts for true ‘business without walls’,” said Mike Foreman, General Manager, AVG Business. “Business in a fully connected environment puts smaller firms at risk of data breaches. AVG Business SSO for the first time makes it simple for businesses without big budgets or in-house IT staff to keep company confidential data safe, private and within their control, even while it is shared with employee-owned mobile devices and externally hosted cloud services.”

Key features of AVG Business SSO are:

  • Centralized control of cloud and mobile apps/data for one-click authentication of end-user mobile devices – single secure sign-on with multi-factor authentication (MFA) for any device unifies identity and mobile device management to give simplified control of mobile data
  • Affordable identity policy, verification and mobile device management service – including via Active Directory
  • Efficient password management – eliminates risk from easy-to-remember, reused and/or improperly managed passwords, improves end user productivity by eliminating the need to remember multiple passwords and reduces volume of helpdesk calls resulting from forgotten passwords
  • Large range of business applications – support for more than 2,500 of the most popular Cloud-based business apps including Office 365, Salesforce, Webex, Facebook, LinkedIn and many more helping IT providers monetize mobile and cloud management services.

###

 

About Centrify

Centrify provides unified identity management across cloud, mobile and data center environments that delivers single sign-on (SSO) for users and a simplified identity infrastructure for IT. Centrify’s unified identity management software and cloud-based Identity-as-a-Service (IDaaS) solutions leverage an organization’s existing identity infrastructure to enable single sign-on, multi-factor authentication, privileged identity management, auditing for compliance and enterprise mobility management.  Centrify customers can typically reduce their total cost of identity management and compliance by more than 50 percent, while improving business agility and overall security.  Centrify is used by more than 5,000 customers worldwide, including nearly half of the Fortune 50 and more than 60 Federal agencies.  For more information, please visit http://www.centrify.com/.

 

About AVG Technologies

AVG is the online security company providing leading software and services to secure devices, data and people. Over 197 million active users, as of December 31, 2014, use AVG´s products and services. AVG’s Consumer portfolio includes internet security, performance optimization, and personal privacy and identity protection for mobile devices and desktops. The AVG Business portfolio – delivered by managed service providers, VARs and resellers – offers IT administration, control and reporting, integrated security, and mobile device management that simplify and protect businesses.

All trademarks are the property of their respective owners.

www.avg.com

 

Media Contacts:

US

Holly Luka

Waggener Edstrom for AVG

[email protected]

+ 1 (415) 547 7054

 

UK

Paul Shlackman

PR Manager, SMB & Channel

[email protected]

+44 (0)7792 121510

 

Note to Editors:

AVG Business sells and markets a comprehensive, integrated set of cloud security and remote monitoring and management (RMM) software applications that are  designed from the ground up to simplify the lives of IT providers, Managed Service Providers (MSPs) and their small-to-medium sized business customers.

The portfolio comprises AVG Business CloudCare, a cloud-based administration platform offering resellers a simple way to implement and manage services such as antivirus, content filtering, online backup and email security services for their customers; AVG Business Managed Workplace, an open eco-system Remote Monitoring & Management tool; and AVG Business Secure Sign-On, a cloud-based identity policy, verification and mobile device management service.

Supported by a worldwide network of more than 10,000 partners, AVG’s strong IT security heritage complements its proven strength as an RMM provider and partner to help smaller IT companies and MSPs transition and flourish as fully-fledged managed services businesses.

AVG

Mobile World Congress In Pictures

Leave a comment

Sunday

AVG revealed a pair of concept “Invisibility Glasses” at Pepcom the night before Mobile World Congress.

AVG Invisibility Glasses

 

Monday

HTC announced the release of the HTC M9 on the first day of the conference

HTC M9

 

Smartwatches are present in all shapes and sizes this year

 

AVG is showcasing how AVG Zen can work across wearable devices

AVG Zen

 

AVG experts are on hand to give visitors details on AVG products.

AVG Support Staff

 

 

More to follow!

AVG

The Internet of Things Made Simple

Leave a comment

The Internet of Things is one of the hottest terms in the technology industry. It seems that hardly a week goes by without hearing about our connected world or the Internet of Things.

So what does the Internet of Things really mean and how can we explain it in a way that everyone can understand?

I was recently asked how I would explain the Internet of Things to a five year old and I came up with the following:

 

We all like to talk to our family and friends, our electronic devices (TVs, tablets, cameras) like to speak to each other too. They speak a different language – their own computer language, called the Internet of Things.

Just like when your parents ask you to tidy your room, or you ask them for help with your homework, our devices speak to each other to solve problems and get things done.

For example, if a bad guy came in to steal your toys, the burglar alarm would tell the police to come over and stop them, or the smoke detector could call the fire engine if there was a fire at home.

By talking to each other through the Internet of Things, our computers work together as a team to help us – just like we help our families and friends.”

 

While this is of course simplistic, it is the fundamental function of the Internet of Things, our connected devices sharing information over the Internet.

What kind of connected devices are we talking about? The Internet of Things is made up of all sorts of connected devices including:

  • Smartphones
  • Televisions
  • Alarm Systems
  • Fitness Trackers
  • Games Consoles

Any Internet connected device has the potential to be part of the Internet of Things, all that is required is that they connect and communicate with each other in order to fulfil a wider function.

If you’d like more information on the Internet of Things and the challenges that it presents, read my recent blog on Privacy and The Internet of Things.

Panda Security

The vulnerable Internet of Things: Security when everything is connected

Leave a comment

secure mobile

The Internet of Things is here to stay. Soon, all of our home appliances will be virtually linked. Televisions, clocks, alarms, cars and even fridges will be connected to the Internet and will know almost everything about you to make life easier. Cisco believes that in 2020 there will be more than 50 billion connected devices and a report by the Pew Research Center says that by 2025 we will be used to them knowing our habits.

Despite the advantages that they will offer users, manufacturers and even carriers, there is another group that could benefit from the information we transmit: cyber-criminals. If the Internet is no longer restricted to your computer or phone, and even your fridge knows what you have to buy or your pacemaker informs your hospital of how your heart is beating, a new world of possibilities opens up to cyber-criminals.

The US Federal Trade Commission (FTC) has also raised concerns over the privacy problems related to all devices being connected, and has asked manufacturers to make a special effort not to forget the importance of security. “[The Internet of Things] has the potential to provide enormous benefits for consumers, but it also has significant privacy and security implications,” warned FTC Chairwoman Edith Ramírez during the Consumer Electronics Show.

Ramírez advised connected device manufacturers to adopt three measures to make devices less vulnerable:

  1. Implement security from the design of the device using privacy testing and secure encryption.
  2. Design the device to store only the information it requires.
  3. Be completely transparent to consumers so that they know exactly what data is going to be used and transmitted.

smartphones and computers table

These attacks could have various targets: firstly, to steal specific user data and secondly to cause harm to device manufacturers. Similarly, an intelligence agency could be interested in spying on certain information.  According to experts there are various attacks that could become common:

  • Denial of Service. Paralyzing a service is more serious if all devices are connected.
  • Malware-based attacks. Malicious code can be used to infect hundreds of computers to control a network of smart devices or to put their software in danger.
  • Data breaches. Spying on communications and gathering data on these devices (which could also store data in the cloud) will become another more common attack, compromising our privacy. Both intelligence agencies and private companies with commercial purposes could be interested in gathering information on a specific user.
  • Inadvertent breaches. Our confidential data might not only suffer targeted attacks but could also be lost or accidentally disclosed if the devices do not adequately protect privacy.
  • Security attacks on our homes. The majority of manufacturers of these devices have not considered security necessary and many do not have the mechanisms to correctly protect the data. For example, an attacker could spy on the data of our smart meter.

security on the cloud

To improve security, authentication methods must be adequate, adopting stronger passwords so that both the credentials and the data are correctly encrypted. In addition, security problems could arise in the network. Many devices, such as televisions, connect via Wi-Fi and so manufacturers should adopt strong encryption algorithms. Secondly, special care should be taken with the software and firmware on these devices; they should be able to update and each update must incorporate security mechanisms.

The Internet of Things has many benefits, now it just needs to be completely secure for users.

 

The post The vulnerable Internet of Things: Security when everything is connected appeared first on MediaCenter Panda Security.

AVG

New Concerns for Connected Car Hacks  

Leave a comment

Last week, we reported on news of remote hacking of BMW cars that opened car doors and windows.  That episode was followed by a CBS News 60 Minutes report on DARPA and concerns about Internet of Things last Sunday, which included a renegade, runaway car that had been hacked remotely causing it to crash.

In the CBS demonstration, the victims were only some orange traffic cones. But the implications were real: two tons of moving steel out of the driver’s control.

Granted this may be the worst-case scenario but there are also implications for hijacking your data that give us cause for concern.

In that vein, a new report was issued last week (Feb. 9) in the U.S. on broader security and privacy vulnerabilities in smart vehicles. The report by Senator Ed Markey (D-Mass.) called “Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk,” identified risks and proposes new safety standards for smart vehicles.

Senator Markey is a member of the Commerce, Science and Transportation Committee. His study is based on how 16 major automobile manufacturers responded to questions about how vehicles may be vulnerable to hackers, and how driver information is collected and protected.

Here are just a few excerpts of its data points:

  • All new cars on the market today include wireless technologies that could pose vulnerabilities to hacking or privacy intrusions.
  • Few manufacturers are able to report past hacking episodes or could describe any current effective capabilities to diagnose or respond to hacks.
  • A majority of automakers collect and use data on performance and driving history in their efforts to improve customer experience, and often share it with third parties.

The full report is available here.

 

In a statement about the report, Markey summarized: “Drivers have come to rely on these new technologies, but unfortunately the automakers haven’t done their part to protect us from cyber-attacks or privacy invasions. Even as we are more connected than ever in our cars and trucks, our technology systems and data security remain largely unprotected. We need to work with the industry and cyber-security experts to establish clear rules of the road to ensure the safety and privacy of 21st-century American drivers.”

The Markey report illustrates the data and cybersecurity implications for privacy and security in connected cars that we in the industry have been talking about for more than the past year. I’ve written about smart car security and privacy issues and have spoken about the subject at many venues, including last year’s Connected Car Conference.

Our cars are becoming another of our digitally connected devices. But as our cars evolve, essentially into computers on wheels, they are vulnerable to the very same threats and attacks as home computers, laptops and smartphones.

I applaud Markey’s report. As frightening as it may be, it is a call to action for all of us in the auto, tech and security industries.

AVG

Internet of Things still not taking privacy seriously

Leave a comment

It seems that companies developing the connected devices that make up the Internet of Things are in a constant race to release new technologies while potentially compromising on privacy.

It emerged this week that certain models of Samsung’s smart TVs are able to record conversations while voice recognition is active.

Samsung’s Terms and Conditions read:

“Samsung may collect and your device may capture voice commands and associated texts so that we can provide you with Voice Recognition features and evaluate and improve the features.”

“Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party.”

So while voice recordings will only be made while the feature is active, the Terms and Conditions do state that:

“If you do not enable Voice Recognition… while Samsung will not collect your spoken word, Samsung may still collect associated texts and other usage data so that we can evaluate the performance of the feature and improve it.”

I have blogged and spoken on privacy and the Internet of Things several times and it is disappointing to find that privacy and security are still not part of the design process for most consumer IoT devices.

First, in 2013 I highlighted the amount of data that is being generated by each and every user of connected devices, often without their knowledge or understanding.

Then, in 2014 I revealed how voice activated technology could be used to manipulate devices into executing unauthorized commands such as sending emails, or controlling a smart TV.

Video

How Voice Activated devices can be hacked

 

Here we have the two issues combined into one

  • End users are likely unaware that their data is being collected while using the voice command feature. Likewise they don’t understand that this data is used and shared.
  • The dangers of voice activated technology and how they can be used in potentially harmful ways. If you entered sensitive data such as a password via voice recognition, it may seem safe. Voice command records can be stored and stolen just like written files.

 

Users may not understand that while Samsung’s privacy policy contemplates the use of active voice commands, voice activation features can be used both actively and passively, meaning that devices can be constantly recording sound and identifying activation commands.

There is, as such, a potential for privacy issues here.

It’s about time that manufacturers of smart devices started taking the privacy and security of its users seriously. Only a few weeks ago a wireless baby monitor was hijacked and the attacker communicated directly with the nanny through the device.

After CES 2015, I commented that privacy should be at the very heart of the Internet of Things, a sentiment echoed by the FTC and its Chairwoman Edith Ramirez in their report on the Internet of Things.

Hopefully, it will not be too long before the public and electronics producers realize that going online should not mean surrendering your privacy.

AVG

Why you should celebrate Data Protection Day 2015

Leave a comment

So what is Data Protection Day? It’s a holiday proclaimed by the Council of Europe on January 28, 2007. The goal is to raise awareness and promote privacy and data protection best practices.

It is globally celebrated and in the U.S. often referred to as Data Privacy and Protection Day, but it’s still a holiday! So tell your boss, and take a day to yourself. In the words of Madonna, rather the spirit, perhaps we should “Celebrate.”

If we took a data day, took some time to celebrate,
Just one data out of life
It would be, it would be so nice

Everybody spread the word… We’re gonna have a celebration
All across the world, In every nation

It’s time for the good data practices… Forget about the bad, oh yeah…
We need a holiday…

 

On this anniversary of Data Protection Day, the promise is matched only by the tension. In the past year, we’ve seen unprecedented data hacks, continued instances of government surveillance, and an ongoing tide of commercial data collection and use practices that don’t always bode well for consumers.

Data Protection Day 2015

 

This is amplified by real concerns for people’s safety, life, and liberty. Criminal enterprises continue to engage in identity theft and financial fraud.  Terrorist attacks, like those recently in France, further fuel our fears and heighten the impulse to use more invasive state surveillance techniques.

Add to this the sea-change in the landscape created by mobile devices, which will look like nothing compared to the changes ushered in by the Internet of Things. We have more data, more collection points, more providers, more sensitive information, and growing commercial and state appetites to use the data that define our lives.

So why celebrate? Well, a set of forces seems to be converging that indicates a corresponding change in attitude to better protect consumers and change the pH of the ecosystem so it’s more habitable for businesses and users alike.

The FTC released a thoughtful report on IoT that gives us a framework to get ahead of the changes. President Obama recently proposed new cyber-security and data breach legislation that is promising, provided the voices of civil society advocates like CDT and the EFF remain engaged.

The EU continues to work on updating the data protection act to address both the technological and societal changes that have occurred since it was first drafted. More importantly though, the heat in this space has been turned up. There is more debate.  More industry leaders are devoting increasingly more mind share.  Notions of choice, transparency, control, and reasonable defaults – the very threads that weave the fabric of trust that we depend upon – are no longer dirty words.

While these may seem like concepts beyond your desktop, there is a lot each of us can do to take back some of our privacy. Today, I actively managed my privacy settings in iOS. I disabled location services for all those apps where it didn’t make sense.  Why for example do the camera or ADP (payroll) apps need to use my location in the background when I’m not using them? Something doesn’t seem right.

Google Maps Sharing

 

Some apps, I was pleasantly surprised to find, like Google Maps and ESPN’s SportsCenter, do give me the option to turn location services on only “while using.” This makes sense to me and is an example of privacy forward design that gives users better and more refined choices.  The fact that the interface exists at all is an example of transparency that didn’t exist in earlier versions of iOS, and a good sign that things are changing.

All this is to say – the tide is shifting. In this transition, there is more opportunity than we can imagine. We don’t believe that users have to trade privacy and security to benefit from the wealth of data-enabled services available now and soon to come.

Today there is growing interest in shaping a future that is more people-centric than device-centric, and that properly reflects the human rights that we expect. I am optimistic that there is more future than there is past. That’s something to celebrate.